Modern vehicles include distributed embedded Electronic Control Units (ECUs) and software-based components that are carefully tested for proper functional behavior. A new vehicle may be equipped with more than 70 ECUs, controlled over a Controller Area Network (CAN), Local Interconnect Network (LIN), FlexRay, WLAN or another suitable network. CAN is the most widely deployed in-vehicle network protocol.
Attacks on vehicle networks can be mounted by injecting unauthorized control messages into such networks, and security vulnerabilities in current automotive networks have been verified by executing various attack scenarios. These scenarios fall into four categories: injection, interception, modification and interruption. To prevent injection and replay attacks, a CAN network needs to support frame authentication. However, the maximum data transfer rate of CAN is 1 Mbps and the maximum payload of a message is 8 bytes, which leaves little room for an authentication tag and makes authentication over CAN difficult.
To overcome these kinds of vehicle network attacks, a message authentication technique is needed to achieve secure vehicle network communication. The applicants have recognized that such a technique would include a centralized authentication system for a vehicle network, such as a CAN network, with authentication key establishment between connected ECUs.
In a CAN network, the applicants have recognized that such a technique would present a new symmetric key framework to secure communication inside a defined virtual CAN group. Using the cryptosystem of such a technique, each ECU in the virtual group would generate a periodic authentication key associated with a new randomized ID. Such a technique would thereby provide an anti-spoofing mechanism based on hiding an original CAN ID by periodically generating a random ID and appending a message authentication tag to each payload CAN message.
The applicants have recognized that with such a technique, only those ECUs belonging to a virtual group could interpret and exploit a received message. An attacker would not be able to link the new CAN IDs to the original IDs, and therefore would not be able to mount an attack or inject, intercept or modify any CAN message. The key framework of such a technique would also allow vehicle manufacturers to encrypt data communication between two ECUs or between a cloud and an ECU.
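The following is an added illustration of the scheme described above, not the applicants' implementation: a virtual CAN group shares a group key, derives a per-epoch authentication key and a per-epoch randomized 11-bit ID for each original ID, and appends a truncated tag to each payload. The derivation via HMAC-SHA256, the 4-byte data / 4-byte tag split of the 8-byte payload, and the freshness counter are assumptions chosen for the example.

```python
import hmac
import hashlib
from typing import Optional, Iterable

TAG_LEN = 4             # tag bytes carried inside the 8-byte CAN payload (assumption)
DATA_LEN = 8 - TAG_LEN  # application data bytes left per frame

def epoch_key(group_key: bytes, epoch: int) -> bytes:
    """Periodic authentication key shared by the virtual group for one epoch."""
    return hmac.new(group_key, b"key" + epoch.to_bytes(4, "big"), hashlib.sha256).digest()

def randomized_id(group_key: bytes, original_id: int, epoch: int) -> int:
    """Hide an original 11-bit CAN ID behind a pseudorandom ID that changes each epoch."""
    ctx = b"id" + original_id.to_bytes(2, "big") + epoch.to_bytes(4, "big")
    digest = hmac.new(group_key, ctx, hashlib.sha256).digest()
    return int.from_bytes(digest[:2], "big") & 0x7FF

def _tag(group_key: bytes, epoch: int, can_id: int, counter: int, data: bytes) -> bytes:
    # Tag binds the randomized ID, a freshness counter (replay protection, assumption) and data.
    msg = can_id.to_bytes(2, "big") + counter.to_bytes(4, "big") + data
    return hmac.new(epoch_key(group_key, epoch), msg, hashlib.sha256).digest()[:TAG_LEN]

def build_frame(group_key: bytes, original_id: int, epoch: int, counter: int, data: bytes):
    """Sender side: returns (randomized CAN ID, 8-byte payload = data || tag)."""
    if len(data) != DATA_LEN:
        raise ValueError(f"data must be exactly {DATA_LEN} bytes")
    can_id = randomized_id(group_key, original_id, epoch)
    return can_id, data + _tag(group_key, epoch, can_id, counter, data)

def receive(group_key: bytes, known_ids: Iterable[int], epoch: int, counter: int,
            can_id: int, payload: bytes) -> Optional[int]:
    """Receiver side: map the randomized ID back to the original ID if the tag verifies.
    Returns None for frames from outside the group, tampered frames, or stale epochs."""
    id_map = {}
    for oid in known_ids:  # two originals can collide on one randomized ID in an epoch
        id_map.setdefault(randomized_id(group_key, oid, epoch), []).append(oid)
    if can_id not in id_map or len(payload) != 8:
        return None
    data, tag = payload[:DATA_LEN], payload[DATA_LEN:]
    if not hmac.compare_digest(tag, _tag(group_key, epoch, can_id, counter, data)):
        return None
    return id_map[can_id][0] if len(id_map[can_id]) == 1 else None  # ambiguous: reject

if __name__ == "__main__":
    gk = bytes(range(32))  # constructed group key for the demo
    cid, pl = build_frame(gk, 0x123, epoch=7, counter=1, data=b"\x01\x02\x03\x04")
    print(hex(cid), pl.hex(), receive(gk, [0x123, 0x456], 7, 1, cid, pl))
```

An ECU outside the group, lacking the group key, can neither predict the next epoch's randomized IDs nor produce a tag that verifies; replaying a captured frame in a later epoch or with a reused counter also fails.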